You can also approach it from this point: High: ssh, dns, whatever Med: everything not classified as High or Low Low: encrypted traffic not on ssh, imaps, pop3s, and https ports
I really don't know if it's possible to detect encrypted traffic at the packet level, I'm just blue-skying it. Good luck. Regards... Todd On Fri, Apr 29, 2011 at 8:14 AM, Neal Lawson <[email protected]> wrote: > I have been using http://www.pfsense.org/ version 2.x.x works fairly well, > uses pf and has a nice web interface to get it configured. have deployed it > to some dorm networks and had it doing packet shaping for up to 300 users. > > On Fri, Apr 29, 2011 at 8:10 AM, Michael Gorman <[email protected]> > wrote: >> >> The thing about Torrent traffic is that you have to identify it. If you're >> just doing it to your PC and already know ports numbers etc its not terribly >> hard, because yes tomato and most other router OS have QOS built in. >> The hard part is however, that if someone else is using it on a different >> port and encrypting the traffic you can't really identify it readily. What >> this means is you have to write rules for everything. Start at the top and >> work your way down. Make HTTP, DNS, SSH etc have the priority, leave >> everything else alone in 1 big pool of low priority traffic. I think that'd >> be the best way to do it. You don't need to do anything with the torrent >> traffic, but you do need to prioritize the traffic that is important to >> you. >> >> Michael Gorman >> http://michaeljgorman.com >> >> >> On Fri, Apr 29, 2011 at 12:24 PM, Chris Penn <[email protected]> wrote: >>> >>> This is built into tomato, that is what I use. >>> >>> Chris... >>> >>> On Fri, Apr 29, 2011 at 4:18 AM, Roger E. Rustad, Jr. >>> <[email protected]> wrote: >>>> >>>> Any suggestions on "simple" (e.g. open source, simple config files) ways >>>> of de-prioritizing torrent traffic? >>>> >>>> I'm thinking that BSD's pf + ALTQ might be the easiest. Maybe drop in a >>>> box in transparent mode? >>>> >>>> Basically I want torrent traffic at the very bottom and only a few >>>> select services (ssh, dns, etc) at the absolute top. Everything else should >>>> remain in the middle and duke it out... >>>> >>>> _______________________________________________ >>>> LinuxUsers mailing list >>>> [email protected] >>>> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >>>> >>> >>> >>> >>> -- >>> "As we open our newspapers or watch our television screens, we seem to be >>> continually assaulted by the fruits of Mankind's stupidity." >>> -Roger Penrose >>> >>> _______________________________________________ >>> LinuxUsers mailing list >>> [email protected] >>> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >>> >> >> >> _______________________________________________ >> LinuxUsers mailing list >> [email protected] >> http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers >> > > > _______________________________________________ > LinuxUsers mailing list > [email protected] > http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers > > -- Regards... Todd "It is the nature of the human species to reject what is true but unpleasant and to embrace what is obviously false but comforting." "You might be a skeptic if you have pedantically argued the topic of pedantry." _______________________________________________ LinuxUsers mailing list [email protected] http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
